import { NextResponse } from "next/server"
import type { NextRequest } from "next/server"

export function middleware(request: NextRequest) {
  const isAuthenticated =
    request.cookies.has("auth") || request.headers.get("x-auth-token")

  const path = request.nextUrl.pathname

  // ✅ 只保护 /admin 页面，不再限制 /dashboard
  if (!isAuthenticated && path.startsWith("/admin")) {
    return NextResponse.redirect(new URL("/login", request.url))
  }

  // ✅ 如果用户已登录，阻止访问 login 和 register 页面
  if (
    isAuthenticated &&
    (path === "/login" || path === "/register")
  ) {
    return NextResponse.redirect(new URL("/dashboard", request.url))
  }

  return NextResponse.next()
}

export const config = {
  matcher: ["/admin/:path*", "/login", "/register"], // ✅ 移除 /dashboard
}
